Important Photon OS Security Update - PHSA-2026-4.0-1010

Updates of 'docker', 'dotnet-runtime' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2026-5.0-0809

Updates of 'docker' packages of Photon OS have been released...

Important: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

CVE-2025-54388

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...

MGASA-2025-0189 Updated docker packages fix security vulnerability

External DNS requests from 'internal' networks could lead to data exfiltration - CVE-2024-29018 We can't determine if docker 24.0.5 is affected but as it is no longer supported we are releasing version 25.0.7, as it is supported and free of the CVE...

Updated docker packages fix security vulnerability

External DNS requests from 'internal' networks could lead to data exfiltration - CVE-2024-29018 We can't determine if docker 24.0.5 is affected but as it is no longer supported we are releasing version 25.0.7, as it is supported and free of the CVE...

USN-7161-3: Docker vulnerability

USN-7161-1 and USN-7161-2 fixed CVE-2024-41110 for source package docker.io in Ubuntu 18.04 LTS and for source package docker.io-app in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. This update fixes it for source package docker.io in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,...

openSUSE Security Advisory (SUSE-SU-2025:1062-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-41089 vulnerabilities

Vulnerabilities for packages: docker...

Linux Distros Unpatched Vulnerability : CVE-2014-8178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for...

CVE-2024-36621

moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion...

Important Photon OS Security Update - PHSA-2024-4.0-0710

Updates of 'docker' packages of Photon OS have been released...

CVE-2024-41110

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being...

MGASA-2023-0329 Updated docker packages fix security vulnerabilities and bugs

This update fixes several security issues and also solves some other issues - manage change of launch option earlier in post process - Automatically convert -g option to --data-root in installed /etc/sysconfig/docker-storage - Fix CVE-2023-26054 and CVE-2023-28840-2...

MGASA-2023-0009 Updated docker packages fix security vulnerability

Server side request forgery CVE-2022-29153 Bypass primary group restrictions due to a flaw in the supplementary group access setup CVE-2022-36109 Imported Nodes/Services Information leak in moby-engine. CVE-2022-3920...

MGASA-2022-0117 Updated docker packages fix security vulnerability

Containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during 'execve2' CVE-2022-24769...

MGASA-2022-0088 Updated docker-containerd packages fix security vulnerability

A bug was found in containerd where containers launched through containerd’s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup...

MGASA-2020-0406 Updated docker packages fix a security vulnerability

It was discovered that Docker could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials CVE-2020-15157...

CVE-2020-14300

The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 https://access.redhat.com/errata/RHBA-2020:0053 included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in...

MGASA-2020-0279 Updated docker packages fix security vulnerability

Updated docker packages fix security vulnerability: A flaw was found in Docker when it creates network bridges that accept IPv6 router advertisements by default. This flaw allows an attacker who can execute code in a container to possibly spoof rogue IPv6 router advertisements to perform a...